Practical Plausibly Deniable Encryption through Low-Level Storage Device Behavior
Don Porter and Radu Sion, Stony Brook
Dan Tsafrir, Technion
This project leverages low-level characteristics of flash and other emerging persistent memories to hide data with plausible deniability, improving performance and capacity over the state of the art. Plausibly deniable encryption lets a user conceal that particular data is stored on a device, whether the ability to decrypt it exists, or even that the data exists. Plausible deniability is a powerful property for protecting data on devices over which the user has lost physical control, for example by protecting consumers from accidental mass disclosures of private data through misplaced devices. This issue is of particular concern for anyone who travels internationally with sensitive data, including human rights workers, diplomats, military personnel, or even business travelers. This project is also creating novel teaching materials for low-level flash programming, an increasingly common facet of computer systems that is not widely understood.
This project investigates a unique opportunity to implement plausibly deniable encryption using the underlying electrical properties of flash memory. The promising property of flash is that the same hardware cell can encode data in multiple ways, and the encoding can be adjusted dynamically. This project integrates this encoding mechanism with data hiding: as long as the encoding follows an expected voltage distribution, an adversary cannot discern the precise encoding technique or how much data is encoded. This project also investigates firmware-level techniques to manage hidden data; extends these techniques to emerging persistent memories, such as phase change memory; and augments widely used flash simulators.